- ---------------------------------------------------------------------                   Red Hat Security Advisory

Synopsis:          Moderate: httpd security update
Advisory ID:       RHSA-2007:0534-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2007:0534.html
Issue date:        2007-06-26
Updated on:        2007-06-26
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2006-5752 CVE-2007-1863 
- ---------------------------------------------------------------------1. Summary:

Updated Apache httpd packages that correct two security issues are now
available for Red Hat Enterprise Linux 4.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The Apache HTTP Server is a popular Web server.

A flaw was found in the Apache HTTP Server mod_status module. On sites
where the server-status page is publicly accessible and ExtendedStatus is
enabled this could lead to a cross-site scripting attack. On Red Hat
Enterprise Linux the server-status page is not enabled by default and it is
best practice to not make this publicly available. (CVE-2006-5752)

A bug was found in the Apache HTTP Server mod_cache module. On sites where
caching is enabled, a remote attacker could send a carefully crafted
request that would cause the Apache child process handling that request to
crash. This could lead to a denial of service if using a threaded
Multi-Processing Module. (CVE-2007-1863)

Users of httpd should upgrade to these updated packages, which contain
backported patches to correct these issues. Users should restart Apache
after installing this update.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

244658 - CVE-2007-1863 httpd mod_cache segfault
245112 - CVE-2006-5752 httpd mod_status XSS

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
e19b6b381b001d6a03479e084173a619  httpd-2.0.52-32.2.ent.src.rpm

i386:
f0582489efd46c9c59863195707d00d0  httpd-2.0.52-32.2.ent.i386.rpm
2d08feb9b8233c16e80d213f8f962360  httpd-debuginfo-2.0.52-32.2.ent.i386.rpm
340f2feebe9a79e42a767335336675f5  httpd-devel-2.0.52-32.2.ent.i386.rpm
2b490d14e2d09eb8cbafd88fe9467312  httpd-manual-2.0.52-32.2.ent.i386.rpm
115487cace183f2caf4aac73a5149c9f  httpd-suexec-2.0.52-32.2.ent.i386.rpm
d86d6d290b95fc85e3de832dae45ba7f  mod_ssl-2.0.52-32.2.ent.i386.rpm

ia64:
43280ea7ada5d21c98a4d9d0738ef341  httpd-2.0.52-32.2.ent.ia64.rpm
3d84b352d9686dd518b48e13a0c02ddd  httpd-debuginfo-2.0.52-32.2.ent.ia64.rpm
8cb1a7fb6dcf3b6c8bba764574a4f46b  httpd-devel-2.0.52-32.2.ent.ia64.rpm
7f3a1353272854c8446d83f80333443c  httpd-manual-2.0.52-32.2.ent.ia64.rpm
309413e6ae60a2dc263e6ed963a3e4be  httpd-suexec-2.0.52-32.2.ent.ia64.rpm
56749924b8239b7343ab30975376cd82  mod_ssl-2.0.52-32.2.ent.ia64.rpm

ppc:
127729c579cbca6fcd60a2f8e8b76f6c  httpd-2.0.52-32.2.ent.ppc.rpm
8bcdba1da6bf29c52fa39b3cdfe935c0  httpd-debuginfo-2.0.52-32.2.ent.ppc.rpm
0911772998e00a4a09536b2240de07e4  httpd-devel-2.0.52-32.2.ent.ppc.rpm
209a157b1cae1e4454d90590f3df6500  httpd-manual-2.0.52-32.2.ent.ppc.rpm
975f553c1ce8616f5cce71f511903a53  httpd-suexec-2.0.52-32.2.ent.ppc.rpm
40cab07e07fb43a436e80bca5b928413  mod_ssl-2.0.52-32.2.ent.ppc.rpm

s390:
9770d5a8918fdd97d74ddedf2a1f686e  httpd-2.0.52-32.2.ent.s390.rpm
c7f7aa04d925c7152ba038cf84148d2b  httpd-debuginfo-2.0.52-32.2.ent.s390.rpm
980920e38a008e2333e70bc0f794b2db  httpd-devel-2.0.52-32.2.ent.s390.rpm
9e49e23e2266faa6b25bf4e5b2f89c7b  httpd-manual-2.0.52-32.2.ent.s390.rpm
dd3da0029f6d267011e0d673c077ceab  httpd-suexec-2.0.52-32.2.ent.s390.rpm
ea1047ac976b43b5be3cb1dfb4e8c26d  mod_ssl-2.0.52-32.2.ent.s390.rpm

s390x:
eb4f61a04aa54984ba1a09726bca13b7  httpd-2.0.52-32.2.ent.s390x.rpm
ed6bb4f7ae935462595396c99b33c205  httpd-debuginfo-2.0.52-32.2.ent.s390x.rpm
417868bf22d1669436695452c7f49ad2  httpd-devel-2.0.52-32.2.ent.s390x.rpm
d16a5308fd622d2790a0a6c777872ae7  httpd-manual-2.0.52-32.2.ent.s390x.rpm
ed840994b9f16962d3c2d773f1416004  httpd-suexec-2.0.52-32.2.ent.s390x.rpm
b717d806bbeb703cb4988c3c9c093a36  mod_ssl-2.0.52-32.2.ent.s390x.rpm

x86_64:
208ead4487bdc36a3eb0c45af2dac4d0  httpd-2.0.52-32.2.ent.x86_64.rpm
11aff2230fabb33344afbbe8cf31ebc7  httpd-debuginfo-2.0.52-32.2.ent.x86_64.rpm
2926a123b3645ea8c79e2057d572c5ab  httpd-devel-2.0.52-32.2.ent.x86_64.rpm
c048d1098d04d7d6e6f552270c97fa33  httpd-manual-2.0.52-32.2.ent.x86_64.rpm
6217e605a53ac2b4476ca842e027a8b5  httpd-suexec-2.0.52-32.2.ent.x86_64.rpm
5b2613e647bfd5ff5459d8daee1177e5  mod_ssl-2.0.52-32.2.ent.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
e19b6b381b001d6a03479e084173a619  httpd-2.0.52-32.2.ent.src.rpm

i386:
f0582489efd46c9c59863195707d00d0  httpd-2.0.52-32.2.ent.i386.rpm
2d08feb9b8233c16e80d213f8f962360  httpd-debuginfo-2.0.52-32.2.ent.i386.rpm
340f2feebe9a79e42a767335336675f5  httpd-devel-2.0.52-32.2.ent.i386.rpm
2b490d14e2d09eb8cbafd88fe9467312  httpd-manual-2.0.52-32.2.ent.i386.rpm
115487cace183f2caf4aac73a5149c9f  httpd-suexec-2.0.52-32.2.ent.i386.rpm
d86d6d290b95fc85e3de832dae45ba7f  mod_ssl-2.0.52-32.2.ent.i386.rpm

x86_64:
208ead4487bdc36a3eb0c45af2dac4d0  httpd-2.0.52-32.2.ent.x86_64.rpm
11aff2230fabb33344afbbe8cf31ebc7  httpd-debuginfo-2.0.52-32.2.ent.x86_64.rpm
2926a123b3645ea8c79e2057d572c5ab  httpd-devel-2.0.52-32.2.ent.x86_64.rpm
c048d1098d04d7d6e6f552270c97fa33  httpd-manual-2.0.52-32.2.ent.x86_64.rpm
6217e605a53ac2b4476ca842e027a8b5  httpd-suexec-2.0.52-32.2.ent.x86_64.rpm
5b2613e647bfd5ff5459d8daee1177e5  mod_ssl-2.0.52-32.2.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
e19b6b381b001d6a03479e084173a619  httpd-2.0.52-32.2.ent.src.rpm

i386:
f0582489efd46c9c59863195707d00d0  httpd-2.0.52-32.2.ent.i386.rpm
2d08feb9b8233c16e80d213f8f962360  httpd-debuginfo-2.0.52-32.2.ent.i386.rpm
340f2feebe9a79e42a767335336675f5  httpd-devel-2.0.52-32.2.ent.i386.rpm
2b490d14e2d09eb8cbafd88fe9467312  httpd-manual-2.0.52-32.2.ent.i386.rpm
115487cace183f2caf4aac73a5149c9f  httpd-suexec-2.0.52-32.2.ent.i386.rpm
d86d6d290b95fc85e3de832dae45ba7f  mod_ssl-2.0.52-32.2.ent.i386.rpm

ia64:
43280ea7ada5d21c98a4d9d0738ef341  httpd-2.0.52-32.2.ent.ia64.rpm
3d84b352d9686dd518b48e13a0c02ddd  httpd-debuginfo-2.0.52-32.2.ent.ia64.rpm
8cb1a7fb6dcf3b6c8bba764574a4f46b  httpd-devel-2.0.52-32.2.ent.ia64.rpm
7f3a1353272854c8446d83f80333443c  httpd-manual-2.0.52-32.2.ent.ia64.rpm
309413e6ae60a2dc263e6ed963a3e4be  httpd-suexec-2.0.52-32.2.ent.ia64.rpm
56749924b8239b7343ab30975376cd82  mod_ssl-2.0.52-32.2.ent.ia64.rpm

x86_64:
208ead4487bdc36a3eb0c45af2dac4d0  httpd-2.0.52-32.2.ent.x86_64.rpm
11aff2230fabb33344afbbe8cf31ebc7  httpd-debuginfo-2.0.52-32.2.ent.x86_64.rpm
2926a123b3645ea8c79e2057d572c5ab  httpd-devel-2.0.52-32.2.ent.x86_64.rpm
c048d1098d04d7d6e6f552270c97fa33  httpd-manual-2.0.52-32.2.ent.x86_64.rpm
6217e605a53ac2b4476ca842e027a8b5  httpd-suexec-2.0.52-32.2.ent.x86_64.rpm
5b2613e647bfd5ff5459d8daee1177e5  mod_ssl-2.0.52-32.2.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
e19b6b381b001d6a03479e084173a619  httpd-2.0.52-32.2.ent.src.rpm

i386:
f0582489efd46c9c59863195707d00d0  httpd-2.0.52-32.2.ent.i386.rpm
2d08feb9b8233c16e80d213f8f962360  httpd-debuginfo-2.0.52-32.2.ent.i386.rpm
340f2feebe9a79e42a767335336675f5  httpd-devel-2.0.52-32.2.ent.i386.rpm
2b490d14e2d09eb8cbafd88fe9467312  httpd-manual-2.0.52-32.2.ent.i386.rpm
115487cace183f2caf4aac73a5149c9f  httpd-suexec-2.0.52-32.2.ent.i386.rpm
d86d6d290b95fc85e3de832dae45ba7f  mod_ssl-2.0.52-32.2.ent.i386.rpm

ia64:
43280ea7ada5d21c98a4d9d0738ef341  httpd-2.0.52-32.2.ent.ia64.rpm
3d84b352d9686dd518b48e13a0c02ddd  httpd-debuginfo-2.0.52-32.2.ent.ia64.rpm
8cb1a7fb6dcf3b6c8bba764574a4f46b  httpd-devel-2.0.52-32.2.ent.ia64.rpm
7f3a1353272854c8446d83f80333443c  httpd-manual-2.0.52-32.2.ent.ia64.rpm
309413e6ae60a2dc263e6ed963a3e4be  httpd-suexec-2.0.52-32.2.ent.ia64.rpm
56749924b8239b7343ab30975376cd82  mod_ssl-2.0.52-32.2.ent.ia64.rpm

x86_64:
208ead4487bdc36a3eb0c45af2dac4d0  httpd-2.0.52-32.2.ent.x86_64.rpm
11aff2230fabb33344afbbe8cf31ebc7  httpd-debuginfo-2.0.52-32.2.ent.x86_64.rpm
2926a123b3645ea8c79e2057d572c5ab  httpd-devel-2.0.52-32.2.ent.x86_64.rpm
c048d1098d04d7d6e6f552270c97fa33  httpd-manual-2.0.52-32.2.ent.x86_64.rpm
6217e605a53ac2b4476ca842e027a8b5  httpd-suexec-2.0.52-32.2.ent.x86_64.rpm
5b2613e647bfd5ff5459d8daee1177e5  mod_ssl-2.0.52-32.2.ent.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.

RedHat: Moderate: httpd security update RHSA-2007:0534-01

Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 4

Summary



Summary

The Apache HTTP Server is a popular Web server. A flaw was found in the Apache HTTP Server mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. On Red Hat Enterprise Linux the server-status page is not enabled by default and it is best practice to not make this publicly available. (CVE-2006-5752) A bug was found in the Apache HTTP Server mod_cache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module. (CVE-2007-1863) Users of httpd should upgrade to these updated packages, which contain backported patches to correct these issues. Users should restart Apache after installing this update.


Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
5. Bug IDs fixed (http://bugzilla.redhat.com/):
244658 - CVE-2007-1863 httpd mod_cache segfault 245112 - CVE-2006-5752 httpd mod_status XSS
6. RPMs required:
Red Hat Enterprise Linux AS version 4:
SRPMS: e19b6b381b001d6a03479e084173a619 httpd-2.0.52-32.2.ent.src.rpm
i386: f0582489efd46c9c59863195707d00d0 httpd-2.0.52-32.2.ent.i386.rpm 2d08feb9b8233c16e80d213f8f962360 httpd-debuginfo-2.0.52-32.2.ent.i386.rpm 340f2feebe9a79e42a767335336675f5 httpd-devel-2.0.52-32.2.ent.i386.rpm 2b490d14e2d09eb8cbafd88fe9467312 httpd-manual-2.0.52-32.2.ent.i386.rpm 115487cace183f2caf4aac73a5149c9f httpd-suexec-2.0.52-32.2.ent.i386.rpm d86d6d290b95fc85e3de832dae45ba7f mod_ssl-2.0.52-32.2.ent.i386.rpm
ia64: 43280ea7ada5d21c98a4d9d0738ef341 httpd-2.0.52-32.2.ent.ia64.rpm 3d84b352d9686dd518b48e13a0c02ddd httpd-debuginfo-2.0.52-32.2.ent.ia64.rpm 8cb1a7fb6dcf3b6c8bba764574a4f46b httpd-devel-2.0.52-32.2.ent.ia64.rpm 7f3a1353272854c8446d83f80333443c httpd-manual-2.0.52-32.2.ent.ia64.rpm 309413e6ae60a2dc263e6ed963a3e4be httpd-suexec-2.0.52-32.2.ent.ia64.rpm 56749924b8239b7343ab30975376cd82 mod_ssl-2.0.52-32.2.ent.ia64.rpm
ppc: 127729c579cbca6fcd60a2f8e8b76f6c httpd-2.0.52-32.2.ent.ppc.rpm 8bcdba1da6bf29c52fa39b3cdfe935c0 httpd-debuginfo-2.0.52-32.2.ent.ppc.rpm 0911772998e00a4a09536b2240de07e4 httpd-devel-2.0.52-32.2.ent.ppc.rpm 209a157b1cae1e4454d90590f3df6500 httpd-manual-2.0.52-32.2.ent.ppc.rpm 975f553c1ce8616f5cce71f511903a53 httpd-suexec-2.0.52-32.2.ent.ppc.rpm 40cab07e07fb43a436e80bca5b928413 mod_ssl-2.0.52-32.2.ent.ppc.rpm
s390: 9770d5a8918fdd97d74ddedf2a1f686e httpd-2.0.52-32.2.ent.s390.rpm c7f7aa04d925c7152ba038cf84148d2b httpd-debuginfo-2.0.52-32.2.ent.s390.rpm 980920e38a008e2333e70bc0f794b2db httpd-devel-2.0.52-32.2.ent.s390.rpm 9e49e23e2266faa6b25bf4e5b2f89c7b httpd-manual-2.0.52-32.2.ent.s390.rpm dd3da0029f6d267011e0d673c077ceab httpd-suexec-2.0.52-32.2.ent.s390.rpm ea1047ac976b43b5be3cb1dfb4e8c26d mod_ssl-2.0.52-32.2.ent.s390.rpm
s390x: eb4f61a04aa54984ba1a09726bca13b7 httpd-2.0.52-32.2.ent.s390x.rpm ed6bb4f7ae935462595396c99b33c205 httpd-debuginfo-2.0.52-32.2.ent.s390x.rpm 417868bf22d1669436695452c7f49ad2 httpd-devel-2.0.52-32.2.ent.s390x.rpm d16a5308fd622d2790a0a6c777872ae7 httpd-manual-2.0.52-32.2.ent.s390x.rpm ed840994b9f16962d3c2d773f1416004 httpd-suexec-2.0.52-32.2.ent.s390x.rpm b717d806bbeb703cb4988c3c9c093a36 mod_ssl-2.0.52-32.2.ent.s390x.rpm
x86_64: 208ead4487bdc36a3eb0c45af2dac4d0 httpd-2.0.52-32.2.ent.x86_64.rpm 11aff2230fabb33344afbbe8cf31ebc7 httpd-debuginfo-2.0.52-32.2.ent.x86_64.rpm 2926a123b3645ea8c79e2057d572c5ab httpd-devel-2.0.52-32.2.ent.x86_64.rpm c048d1098d04d7d6e6f552270c97fa33 httpd-manual-2.0.52-32.2.ent.x86_64.rpm 6217e605a53ac2b4476ca842e027a8b5 httpd-suexec-2.0.52-32.2.ent.x86_64.rpm 5b2613e647bfd5ff5459d8daee1177e5 mod_ssl-2.0.52-32.2.ent.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
SRPMS: e19b6b381b001d6a03479e084173a619 httpd-2.0.52-32.2.ent.src.rpm
i386: f0582489efd46c9c59863195707d00d0 httpd-2.0.52-32.2.ent.i386.rpm 2d08feb9b8233c16e80d213f8f962360 httpd-debuginfo-2.0.52-32.2.ent.i386.rpm 340f2feebe9a79e42a767335336675f5 httpd-devel-2.0.52-32.2.ent.i386.rpm 2b490d14e2d09eb8cbafd88fe9467312 httpd-manual-2.0.52-32.2.ent.i386.rpm 115487cace183f2caf4aac73a5149c9f httpd-suexec-2.0.52-32.2.ent.i386.rpm d86d6d290b95fc85e3de832dae45ba7f mod_ssl-2.0.52-32.2.ent.i386.rpm
x86_64: 208ead4487bdc36a3eb0c45af2dac4d0 httpd-2.0.52-32.2.ent.x86_64.rpm 11aff2230fabb33344afbbe8cf31ebc7 httpd-debuginfo-2.0.52-32.2.ent.x86_64.rpm 2926a123b3645ea8c79e2057d572c5ab httpd-devel-2.0.52-32.2.ent.x86_64.rpm c048d1098d04d7d6e6f552270c97fa33 httpd-manual-2.0.52-32.2.ent.x86_64.rpm 6217e605a53ac2b4476ca842e027a8b5 httpd-suexec-2.0.52-32.2.ent.x86_64.rpm 5b2613e647bfd5ff5459d8daee1177e5 mod_ssl-2.0.52-32.2.ent.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
SRPMS: e19b6b381b001d6a03479e084173a619 httpd-2.0.52-32.2.ent.src.rpm
i386: f0582489efd46c9c59863195707d00d0 httpd-2.0.52-32.2.ent.i386.rpm 2d08feb9b8233c16e80d213f8f962360 httpd-debuginfo-2.0.52-32.2.ent.i386.rpm 340f2feebe9a79e42a767335336675f5 httpd-devel-2.0.52-32.2.ent.i386.rpm 2b490d14e2d09eb8cbafd88fe9467312 httpd-manual-2.0.52-32.2.ent.i386.rpm 115487cace183f2caf4aac73a5149c9f httpd-suexec-2.0.52-32.2.ent.i386.rpm d86d6d290b95fc85e3de832dae45ba7f mod_ssl-2.0.52-32.2.ent.i386.rpm
ia64: 43280ea7ada5d21c98a4d9d0738ef341 httpd-2.0.52-32.2.ent.ia64.rpm 3d84b352d9686dd518b48e13a0c02ddd httpd-debuginfo-2.0.52-32.2.ent.ia64.rpm 8cb1a7fb6dcf3b6c8bba764574a4f46b httpd-devel-2.0.52-32.2.ent.ia64.rpm 7f3a1353272854c8446d83f80333443c httpd-manual-2.0.52-32.2.ent.ia64.rpm 309413e6ae60a2dc263e6ed963a3e4be httpd-suexec-2.0.52-32.2.ent.ia64.rpm 56749924b8239b7343ab30975376cd82 mod_ssl-2.0.52-32.2.ent.ia64.rpm
x86_64: 208ead4487bdc36a3eb0c45af2dac4d0 httpd-2.0.52-32.2.ent.x86_64.rpm 11aff2230fabb33344afbbe8cf31ebc7 httpd-debuginfo-2.0.52-32.2.ent.x86_64.rpm 2926a123b3645ea8c79e2057d572c5ab httpd-devel-2.0.52-32.2.ent.x86_64.rpm c048d1098d04d7d6e6f552270c97fa33 httpd-manual-2.0.52-32.2.ent.x86_64.rpm 6217e605a53ac2b4476ca842e027a8b5 httpd-suexec-2.0.52-32.2.ent.x86_64.rpm 5b2613e647bfd5ff5459d8daee1177e5 mod_ssl-2.0.52-32.2.ent.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
SRPMS: e19b6b381b001d6a03479e084173a619 httpd-2.0.52-32.2.ent.src.rpm
i386: f0582489efd46c9c59863195707d00d0 httpd-2.0.52-32.2.ent.i386.rpm 2d08feb9b8233c16e80d213f8f962360 httpd-debuginfo-2.0.52-32.2.ent.i386.rpm 340f2feebe9a79e42a767335336675f5 httpd-devel-2.0.52-32.2.ent.i386.rpm 2b490d14e2d09eb8cbafd88fe9467312 httpd-manual-2.0.52-32.2.ent.i386.rpm 115487cace183f2caf4aac73a5149c9f httpd-suexec-2.0.52-32.2.ent.i386.rpm d86d6d290b95fc85e3de832dae45ba7f mod_ssl-2.0.52-32.2.ent.i386.rpm
ia64: 43280ea7ada5d21c98a4d9d0738ef341 httpd-2.0.52-32.2.ent.ia64.rpm 3d84b352d9686dd518b48e13a0c02ddd httpd-debuginfo-2.0.52-32.2.ent.ia64.rpm 8cb1a7fb6dcf3b6c8bba764574a4f46b httpd-devel-2.0.52-32.2.ent.ia64.rpm 7f3a1353272854c8446d83f80333443c httpd-manual-2.0.52-32.2.ent.ia64.rpm 309413e6ae60a2dc263e6ed963a3e4be httpd-suexec-2.0.52-32.2.ent.ia64.rpm 56749924b8239b7343ab30975376cd82 mod_ssl-2.0.52-32.2.ent.ia64.rpm
x86_64: 208ead4487bdc36a3eb0c45af2dac4d0 httpd-2.0.52-32.2.ent.x86_64.rpm 11aff2230fabb33344afbbe8cf31ebc7 httpd-debuginfo-2.0.52-32.2.ent.x86_64.rpm 2926a123b3645ea8c79e2057d572c5ab httpd-devel-2.0.52-32.2.ent.x86_64.rpm c048d1098d04d7d6e6f552270c97fa33 httpd-manual-2.0.52-32.2.ent.x86_64.rpm 6217e605a53ac2b4476ca842e027a8b5 httpd-suexec-2.0.52-32.2.ent.x86_64.rpm 5b2613e647bfd5ff5459d8daee1177e5 mod_ssl-2.0.52-32.2.ent.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://www.redhat.com/security/updates/classification/#moderate

Package List


Severity
Advisory ID: RHSA-2007:0534-01
Advisory URL: https://access.redhat.com/errata/RHSA-2007:0534.html
Issued Date: : 2007-06-26
Updated on: 2007-06-26
Product: Red Hat Enterprise Linux
CVE Names: CVE-2006-5752 CVE-2007-1863 Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Topic


Topic


 

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64


Bugs Fixed


Related News

6.EmailConnection Touch Esm H320
2 - 3 min read
Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and
30.Lock Globe Motherboard Esm H320
1 - 2 min read
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect
22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly
19.Laptop Bed Esm H320
2 - 3 min read
The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux
4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
18.WifiCutout Landscape Esm H320
2 - 3 min read
A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved